logo

Our audits

With over 15 years of experience and expertise in information security, combined with the commitment of our entire team, ADACIS delivers high-quality audits (PASSI certified).

The skills acquired by our PASSI auditors are available whatever type of audit you need, PASSI or not PASSI.

Contact us Learn more about our PASSI audits
img

How an audit unfolds

01

Appointing an audit manager

• An audit manager and an audit team are appointed after the initial sales contact. The audit manager is your main point of contact throughout the audit.

02

Drafting an audit agreement

• An audit agreement is drafted by ADACIS in line with your objectives, context and needs; it guarantees that the mission's objectives will be properly met.

03

Establishing contact

• Before the audit begins, a kickoff meeting brings together all parties involved to introduce themselves and establish contact with you and the audited teams. We will in particular ask to review your documentation and speak with your staff.

04

Vulnerability research

• The audit spans two to three weeks, alternating between on-site and off-site work, to better understand your IT architecture, documentation and specific requirements, and where needed to build proof-of-concept exploits to demonstrate vulnerabilities.
Auditors follow a defined methodology for each activity, including interviews, configuration reviews and penetration tests within an agreed scope, while avoiding denial of service.

05

Reporting and disclosure of vulnerabilities

• On the last day of the audit, a hot debrief meeting communicates the critical or major vulnerabilities identified. In the case of critical vulnerabilities in particular, you will be notified immediately at any point during the audit.

06

Explaining the results

• After the audit report is delivered, a closing meeting finalizes the audit engagement, shares the conclusions, and explains the results in detail. All documents held by ADACIS are then destroyed or returned.

Auditors and expertise

Each of our auditors holds a qualification, and also holds additional certifications depending on their own area of expertise:
• OSCP (Penetration testing)
• ISO 27001
• ISO 27005
• EBIOS Risk Manager

As well as technical certifications.
The diversity of audit activities and ADACIS auditor profiles provides, during an audit, multiple perspectives on an organization's security level.

img
img

An independent and ethical audit

Taking part in audits can be a sensitive moment for teams and organizations. That is why the human qualities of ADACIS auditors are also assessed.

The values of ADACIS auditors are as follows:
• Ethics
• Impartiality
• Professionalism
• Confidentiality
• Independence
• Evidence

Simply put, an audit is not there to pass judgment; it is a governance tool that highlights strengths and sheds light on vulnerabilities that could jeopardize an organization's mission, or even its viability.
An audit helps ensure the continuous improvement of organizations or management systems — you always keep control over which solutions to implement.

Audit quality for everyone

Security is everyone's business, so ADACIS also offers packages for small and mid-sized businesses. PASSI know-how is not reserved for large groups — an SME like ADACIS brings its professionalism, ethics, confidentiality and other third-party-recognized qualities within your reach, without the obligation to bear the constraints of a PASSI audit.

Take advantage of PASSI know-how
img
img

The cost of an audit

The cost of an audit depends on many factors:
• The scope, such as the size of the IT system or the number of assets;
• The number of auditors involved;
• The audit activities;
• Whether the audit is performed remotely or on-site.
Auditor billing is per day (man-day) and is detailed in a quote that will be sent to you.

ADACIS's human scale and its location in Nouvelle-Aquitaine allow us to deliver quality audits to organizations of any size. Furthermore, our clients operate at a national and international scale, and we remain mobile.